Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8bbbcd3d authored by Robin Lee's avatar Robin Lee Committed by Android (Google) Code Review
Browse files

Merge "Policy: make bulk CA uninstalls happen in service" into mnc-dev

parents 94fc0c26 83881bdb
Loading
Loading
Loading
Loading
+6 −7
Original line number Original line Diff line number Diff line
@@ -2275,7 +2275,7 @@ public class DevicePolicyManager {
        if (mService != null) {
        if (mService != null) {
            try {
            try {
                final String alias = getCaCertAlias(certBuffer);
                final String alias = getCaCertAlias(certBuffer);
                mService.uninstallCaCert(admin, alias);
                mService.uninstallCaCerts(admin, new String[] {alias});
            } catch (CertificateException e) {
            } catch (CertificateException e) {
                Log.w(TAG, "Unable to parse certificate", e);
                Log.w(TAG, "Unable to parse certificate", e);
            } catch (RemoteException e) {
            } catch (RemoteException e) {
@@ -2322,15 +2322,14 @@ public class DevicePolicyManager {
     */
     */
    public void uninstallAllUserCaCerts(@Nullable ComponentName admin) {
    public void uninstallAllUserCaCerts(@Nullable ComponentName admin) {
        if (mService != null) {
        if (mService != null) {
            for (String alias : new TrustedCertificateStore().userAliases()) {
            try {
            try {
                    mService.uninstallCaCert(admin, alias);
                mService.uninstallCaCerts(admin, new TrustedCertificateStore().userAliases()
                        .toArray(new String[0]));
            } catch (RemoteException re) {
            } catch (RemoteException re) {
                Log.w(TAG, "Failed talking with device policy service", re);
                Log.w(TAG, "Failed talking with device policy service", re);
            }
            }
        }
        }
    }
    }
    }


    /**
    /**
     * Returns whether this certificate is installed as a trusted CA.
     * Returns whether this certificate is installed as a trusted CA.
+1 −1
Original line number Original line Diff line number Diff line
@@ -128,7 +128,7 @@ interface IDevicePolicyManager {
    boolean hasUserSetupCompleted();
    boolean hasUserSetupCompleted();


    boolean installCaCert(in ComponentName admin, in byte[] certBuffer);
    boolean installCaCert(in ComponentName admin, in byte[] certBuffer);
    void uninstallCaCert(in ComponentName admin, in String alias);
    void uninstallCaCerts(in ComponentName admin, in String[] aliases);
    void enforceCanManageCaCerts(in ComponentName admin);
    void enforceCanManageCaCerts(in ComponentName admin);


    boolean installKeyPair(in ComponentName who, in byte[] privKeyBuffer, in byte[] certBuffer, String alias);
    boolean installKeyPair(in ComponentName who, in byte[] privKeyBuffer, in byte[] certBuffer, String alias);
+4 −2
Original line number Original line Diff line number Diff line
@@ -3129,7 +3129,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
    }
    }


    @Override
    @Override
    public void uninstallCaCert(ComponentName admin, String alias) {
    public void uninstallCaCerts(ComponentName admin, String[] aliases) {
        enforceCanManageCaCerts(admin);
        enforceCanManageCaCerts(admin);


        final UserHandle userHandle = new UserHandle(UserHandle.getCallingUserId());
        final UserHandle userHandle = new UserHandle(UserHandle.getCallingUserId());
@@ -3137,7 +3137,9 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
        try {
        try {
            final KeyChainConnection keyChainConnection = KeyChain.bindAsUser(mContext, userHandle);
            final KeyChainConnection keyChainConnection = KeyChain.bindAsUser(mContext, userHandle);
            try {
            try {
                keyChainConnection.getService().deleteCaCertificate(alias);
                for (int i = 0 ; i < aliases.length; i++) {
                    keyChainConnection.getService().deleteCaCertificate(aliases[i]);
                }
            } catch (RemoteException e) {
            } catch (RemoteException e) {
                Log.e(LOG_TAG, "from CaCertUninstaller: ", e);
                Log.e(LOG_TAG, "from CaCertUninstaller: ", e);
            } finally {
            } finally {